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CLAIMS 



[Claim(s)] 

[Claim 1] Apparatus for electronic equipment characterized by comprising the following, for example, 
information processing, or communication. 

a) A sensor apparatus (SE) which detects physiological characterization of a user of apparatus (BM), 
for example, a fingerprint. 

b) A data processing device (DE) for which it asks from physiological characterization which had 
information (FPAUTINF) used for a user s attestation detected. 

c) A means to input information (AUTINF) used for attestation via an input device (EE) which inputs 
information, and this input device. 

d) or [ having asked ] — or test equipment (PE) which inspects inputted certification information, 
and releases a function of apparatus to a user of this ** when an inspection is effective. 

[Claim 2]The apparatus according to claim 1 which as for said data processing device (DE) is 
constituted so that identically to certification information (FPPIN) asked for certification information 
(PIN) inputted via an input device for an inspection of effective attestation from physiological 
characterization of a user who has authority. 

[Claim 3]The apparatus according to claim 1 or 2 by which said data processing device (DE) can use 

two or more processes (M1 Mn) of searching for information (FPAUTINF1 FPAUTINFn) used 

for attestation of a user of this ** from a user's detected physiological characterization. 
[Claim 4]The apparatus according to claim 3 as which said data processing device makes a desired 
process choose from physiological characterization among two or more processes of searching for 
certification information, to a user who has authority. 

[Claim 5]Apparatus given [ to claims 1-4 ] in any 1 paragraph which has a means to display 
certification information (FPAUTINF) searched for from a user's physiological characterization. 
[Claim 6]A user has a means which attests by inputting certification information via an information 
input device, using physiological characterization peculiar to a user, In the 1st case, a sensor 
apparatus detects a user s physiological characterization, How to attest an equipment user 
characterized by what it inspects with test equipment in quest of information used for attestation 
from detected physiological characterization, and certification information which a user inputted via 
an input device in the 2nd case is inspected for with the same test equipment. 
[Claim 7]A method of attesting the equipment user according to claim 6, comprising: 

a) A step which asks for a feature vector from measurement data of a sensor apparatus. 

b) A step which quantizes a vector from a called-for feature vector. 

c) A step which inspects certification information corresponding to a result of quantization of a 
vector. 
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[Translation done.] 
* NOTICES * 

JPO and INPIT are not responsible for any 
damages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect the original 
precisely. 

2. **** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

Before using, very various electronic equipment by which a user has to perform attestation thru/or 
authentification is known. The main example is, the computer (information management system) of 
various composition, communication equipment, for example, a mobile phone etc., etc. There are 
some which are generally protected by the password as opposed to the unauthorized use in these 
apparatus. Other apparatus has protected only the predetermined function against unlawful access 
(for example, what is called personal identification number PIN). Predetermined data or protection of 
access to service also belongs to this. That is right, even when this is not used by .apparatus and 
used by a computer network or the communication network. 
[0002] 

The input of the certification information of the form used frequently today is an input through the 
keyboard of apparatus. The justification of information inputted after the input and by extension, the 
authority of the user who performed the input are inspected with the test equipment of apparatus, a 
computer network, or a communication network. In the mobile phone based on a GSM standard, this 
is performed by inspecting whether inputted PIN suits the information memorized by the SIM card 
using the data processing device on what is called a SIM card of apparatus. In suiting, a mobile 
phone becomes usable with a SIM card. Where PIN was not memorized and is locked in apparatus 
based on a GSM standard, when the SIM card memorizes, the security of the customer of a 
telephone goes up. 
[0003] 

The art which can attest a user in the form of others from before for a while is used. This art is 
based on detecting physiological characterization peculiar to a user by a special sensor. This main 
example is a fingerprint detection sensor. Another physiological characterization is the 
characteristic of the retina tissue the human being's eyes', or human being's voice, and these are 
similarly used by several sorts of apparatus. 
[0004] 

Usually, when the feature detected by the sensor is compared with the known feature of the user 
who has authority and is fully in agreement with apparatus or the data processing device of a 
communication network, access to the function of desired service, required data, or selected 
apparatus is released. 
[0005] 

It is significant if attestation of the two above-mentioned forms combines mutually in the apparatus 
of some types. For example, it is more desirable for a user not only to be able to to use a telephone 
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with a fingerprint sensor, but to be able to share PIN with other persons, or to be able to use in a 
mobile phone, so that it can use within the limits of the authority to which apparatus is given with 
the peculiar SIM card. The attestation which furthermore passed the fingerprint generates an error 
accidentally, or becomes impracticable. This is a case where the user's hand is dirty or the user has 
stuck the glove. It is that desirable one (or required thing) can be attested from these reasons or 
other reasons by the technique by which one person differs from two or more users of apparatus. 
Physiological attestation is performed along with attestation by an PIN input in this case. In the 
mobile phone based on a GSM standard, this standard has defined the authentication means by an 
PIN input beforehand compulsorily. 
[0006] 

The above-mentioned situation shows that the conventional physiological authentication process is 
impossible in the mobile phone based on a GSM standard. It is because attestation by PIN using a 
SIM card is certainly required from the reason of compatibility over a GSM standard. As a means 
which looks possible for the time being, PIN is memorized in apparatus, and this is eliminated 
although it is possible to transfer PIN memorized in accordance with the detected fingerprint and 
the fingerprint with which the user who has authority was remembered when an inspection is 
effective to a SIM card, and to inspect it. It is because memorizing PIN at somewhere else other 
than the inside of a SIM card in a mobile phone is forbidden by the GSM standard from the reasons 
of security. Physiological attestation is taken into consideration as an additional security means in 
this case. However, such an additional security means is unnecessary if it carries out from the high 
safety of attestation by an PIN input, and many users cannot accept it easily and should sense it. 
[0007] 

The technical problem made into the foundation of this invention is providing the technical idea 
which makes possible combination of a physiological user's attestation, and attestation by an PIN 
input also in the mobile phone of a GSM standard or a similar case, and enables it to fully utilize 
attestation of each form. It has the option whether a user wants to use attestation of which form. 
However, it can have a means by which the especially selected user (for example, owner of 
apparatus) can adjust logic AND combination of two attestation forms in apparatus. This technical 
problem is solved by the claim by the apparatus or the method of a statement. 
[0008] 

In this invention, a user's physiological characterization is detected by a sensor apparatus, and the 
information used for attestation is searched for using a mathematical process from the detected 
physiological characterization. Certification information arises in the culmination which evaluates 
physiological characterization by this, and this information is inspected with the same test 
equipment as inspecting the certification information which the user inputted via the information 
input device (for example, keyboard). In the easiest case, the result of evaluation of a fingerprint 
becomes the same thing as PIN which the user inputted via the keyboard. However, this PIN is 
calculated from a user's physiological characterization detected by the sensor apparatus rather than 
is memorized by apparatus. 
[0009] 

It is not necessary to become equivalent [ attestation of this form ] to the result of attestation 
through the input of the keyboard according to the form of evaluating the physiological 
characterization detected by the sensor apparatus, and becomes unnecessary to change the usual 
interface which inspects the validity of attestation. It is not necessary to change a certain protocol 
standardized especially. The two techniques of attestation can be satisfactorily used in parallel. The 
user can choose two techniques freely in any state at any time. It can also constitute so that the 
two attestation techniques may give permission only to the user who passed effectively, of course 
using AND combination. 
[0010] 

This invention is explained in detail using figures according to an advantageous example below. 
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[0011] 

The example of this invention by which all the methods and devices are accumulated into apparatus 

is shown in drawing 1 . 

[0012] 

The example of this invention to which test equipment exists in apparatus is shown in drawing 2 . 
[0013] 

The example of this invention on which the display which displays certification information is 

accumulated by apparatus is shown in drawing 3 . 

[0014] 

An example typical and important for this invention moreover is a mobile phone based on a GSM 
standard, and this uses a fingerprint sensor for a user's attestation. This fingerprint sensor is a 
special example of sensor apparatus SE shown in drawing 1 . If the user of the apparatus EG is 
standing by putting a finger on this fingerprint sensor and attesting the input of apparatus of PIN, 
SuperPIN, PIN2 (it is selectively dependent on a maker), etc., A fingerprint sensor detects suitable 
physiological characterization BM of the user of this **, and sends this out to data processing 
device DE. 
[0015] 

In the case of a GSM mobile phone, this data processing device is with the processor already 
provided in the mobile phone, and the software which operates on this processor. However, on the 
other hand, the special software with which it is used via a peculiar processor unit (or generally 
sensor apparatus), and a fingerprint sensor manages fingerprint recognition on this processor unit 
operates. Thereby, the data processing device is incorporated in the sensor apparatus completely 
selectively in the range of this invention. Like other techniques of recognizing physiological 
characterization, since it is fully common knowledge at this work engineer, the real original form 
voice (and integration of partitioning in a subsystem, or a well-known hardware module), i.e., various 
configurations, of a data processing device, the fingerprint recognition itself, About this portion, 
there is no problem in particular in realization of the security of this invention. 
[0016] 

According to this invention, a data processing device searches for the information which was 
suitable for the user's attestation from the detected physiological characterization. It is PIN (or 
PIN2 in addition to this) memorized in the state where it was locked on the SIM card of the user 
regarded as this having authority in the easiest case. This PIN is handed over and inspected to a 
SIM card, as the user inputted via the keyboard (information input device) of a mobile phone. Next, 
to this work engineer, the inspection process provided in the well-known GSM standard operates 
within the test equipment (a SIM card, a device connected with the data processing device of 
apparatus by the case) of a mobile phone. When the certification information FPAUTINF is in 
agreement with PIN memorized on the right case, i.e., a SIM card, the functions (for example, 
network access etc.) of the apparatus protected by attestation are released. 
[0017] 

The important advantage of the means of above-mentioned this invention is that a fingerprint 
recognition part hands over a user s PIN to a SIM card, when the user has authority. It is because it 
is not necessary to change the security protocol of a GSM standard at all by this. This 
advantageous characteristic does not exist in a means by which it seems that others are 
fundamental, use any — by the means of **, the input of additional PIN through a keyboard is 
neec | ec | f or evasion thru/or change of a GSM standard is needed. The input through a keyboard of 
additional PIN is effective only when taking fingerprint recognition into consideration as an additional 
security means added to the PIN input. 
[0018] 

Of course, such additional attestation is possible also by this invention. In this case, it is not 
necessary to transmit the certification information searched for from sensor data to a SIM card. 
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Instead, for example, intentionally mistaken PIN may be transmitted to a SIM card, or an input error, 
discontinuation, others of an input, etc. may simulate. On the other hand, a SIM card newly requires 
an PIN input. In accordance with PIN asked for inputted PIN, when interexchangeable, data 
processing device DE transmits this PIN to a SIM card, and release is permitted according to this. 
[0019] 

PIN calculated from sensor data, of course may not necessarily be the same as that of PIN of a SIM 
card. By an above-mentioned standard or other apparatus, when a suitable security protocol grants 
a permission each time, test equipment can inspect whether these suit mutually by two different 
certification information. 
[0020] 

When there is the certification information FPAUTINF calculated from sensor data in other 
apparatus which is not based on a GSM standard only by one attestation (namely, attestation 
simultaneous with an PIN input or attestation independent of this) by sensor data, Although it may 
differ from the certification information AUTINF inputted via the keyboard, if two information directs 
the user who has authority, these will recognize test equipment to conform simultaneously. 
[0021] 

All the mathematical simulations (function) are fundamentally taken into consideration as a 
computation process over the certification information FPAUTINF acquired from physiological 
characterization BM, The certification information (generally coded by the alphanumeric character) 
AUTINF of other forms is assigned to a fingerprint or other physiological characterization BM. The 
following conditions must be satisfied here, namely, a — the same certification information 
FPAUTINF being drawn from physiological characterization BM similar enough, and, b) The 
certification information FPAUTINF which is different from fully different physiological 
characterization BM is drawn, and what the certification information FPAUTINF is searched for for 
from physiological characterization BM or the knowledge of this feature BM (for example, it guesses) 
is an impossible thing substantially for the user of c injustice. 
[0022] 

It guarantees that the conditions a fully have fingerprint recognition with a LOVA strike also to a 
small noise. Otherwise, it is because the rate that the user who has authority is refused will become 
very high. The conditions b are established so that a different users fingerprint may derive the 
various certification information FPAUTINF with probability high enough to this. The meaning of the 
conditions c is clear. 
[0023] 

Various mathematical simulations which are satisfied with a person skilled in the art (there is some 
of appropriateness by a case) of this demand are common knowledge. The simulation which has 
these characteristics is given by what is called vector quantization. The technique of the common 
knowledge to a person skilled in the art is not explained other than the part considered to be here 
required for an understanding of this invention. 
[0024] 

It is premised on the physiological characterization detected by the sensor apparatus being first 
moved to the so-called form of a feature vector when using this technique for the purpose of this 
invention. This assumption does not turn into any limitation actually, either. It is because sensor 
data is expressed as n groups who were always able to set in order n measurement data (feature 
vector). A feature vector forms the space of n dimension. In this space, a set (code book vectors) of 
a pattern vector exists, and an interval scale (similar degree to physiological characterization) is 
specified. The cell in space exists to each pattern vector, this cell ****s in each feature vector in a 
cell, and the pattern vector is prescribed by by being a cell of the pattern vector which exists in the 
next within the limits of the interval scale of this **. 
[0025] 

The information for which it was fundamentally suitable in attestation is assigned to each pattern 
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vector. Exact certification information (for example, true PIN) is assigned to one pattern vector. If it 
asks for the pattern vector which exists in the next to the predetermined feature vector which 
****s to the detected sensor data so that clearly from the above-mentioned explanation, when the 
user of this ** has authority, exact information (true PIN) is drawn, and when that is not right, the 
mistaken certification information will be sent out. The error rate of this process can be optimized 
when it is guaranteed that the feature vector relevant to the physiological characterization of the 
user who has authority is one of the pattern vectors. This is attained by adapting this system to the 
physiological characterization of the user who has authority in an initialization phase (code book 
adaptation). 
[0026] 

Vector quantization is not the only technique which can be used in relation to this invention. Other 

techniques which are not explained to a person skilled in the art here are feasible. 

[0027] 

Originally calculating the certification information FPAUTINF by vector quantization from a user's 
physiological characterization is connected with "memory of PIN" by apparatus (if based on this 
specification). It is because the possible certification information FPAUTINF is fundamentally 
assigned to each pattern vector of a code book. However, this is actually (except for one users, i.e., 
the user who has authority, feature vector) suitable for attestation in almost no cases. That is, for 
example, although all the possible PIN is memorized ideally and a pattern vector is assigned to every 
one each of these in PIN of the alphanumeric character of 5 figures, only when a pattern vector is 
detected correctly enough, addressing can be carried out to appropriate PIN within a sensor. It will 
become impossible therefore, to find out exact PIN in spite of "memorizing in apparatus" except the 
user who has the exact physiological characterization in which the number of possible PIN becomes 
large too much. Such a situation is not taken into consideration when memorizing PIN to apparatus 
by a standard is forbidden. 
[0028] 

Memorizing PIN to apparatus is not permitted in a GSM standard. However, the necessity of 
changing PIN is produced frequently. This is a case where PIN is known by the 3rd person etc. 
However, it is that which calculates PIN from a fingerprint in this invention (that is, it calculates), 
and unless exchange of a fingerprint or other physiological characterizations is possible, this is 
impossible first. If a means to change PIN is still given to a user, it constitutes so that it may 
replace only with one computation process and all the sets of this kind in apparatus of process can 
be equally used by the advantageous embodiment of this invention. The sequence number is 
assigned to each computation process and the user who has authority to this can change the 
process to be used at any time. Since each process M1 and ... to the same fingerprint BM, and Mn 

calculate other PIN (FPAUTINF1 FPAUTINFn), it is chosen whether a user makes much PIN 

calculate in which process. 
[0029] 

The example of this invention is realizable by vector quantization similarly. Not only a code book but 
two or more code books of the pattern vector are provided here. Each code book has a 
predetermined number and it is selectable via this number in it. Probably it depends for other 
processes on a parameter. In this invention, other mathematical simulations are formed by changing 
this parameter. If the dependency of a parameter is complicated enough, even if it changes a 
parameter actually, the guess of change of certification information will become impossible. The 
neural network (what is called multilayer perceptron) of a predetermined type is suitable for realizing 
this kind of simulation. By the means based on this neural network, actually, anywhere, PIN is not 
memorized as a sign sequence but is only memorized by network architecture as a weighting 
coefficient (in the state where it was locked suggestively). 
[0030] 

Especially in this example of this invention, it is taken into consideration from a viewpoint for which 
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the sequence of the password with which many persons differ is needed to the thoroughly different 
purpose or apparatus. It should become increasingly difficult to care about many passwords. When 
two or more processes M1, .... Mn (mathematical simulation) are used for the calculation from the 
only feature vector (sensor data aggregate) of two or more certification information (FPAUTINF1, 
FPAUTINF2), The problem at the time of detecting the physiological characterization which is not 
made to **** peculiar to a user is reduced by a suitable sensor. 
[0031] 

What is necessary is just to input the index of this kind of process in the context only provided in 
the user's operation table side, in order to choose a predetermined process. Thereby, a data 
processing device can constitute suitably for every software. 
[0032] 

Of course, two or more persons' physiological characterization is also combinable with one or more 
right PIN. When apparatus is combined only with one person as an exception (i.e., when only one SIM 
card is used correctly), release can be additionally combined with other security mechanisms, for 
example, the code of apparatus, etc. According to this invention, the pliability of each form, high 
safety, and the compatibility over a standard are acquired here. 
[0033] 

When changing PIN, the display for presenting of certification information is formed in another, 
especially advantageous example of this invention. Since this kind of displays are this kind of 
apparatus [ much ] and have already existed since the start, this can be used for this purpose. If it 
is going to change the certification information AUTINF (for example, PIN) which the user inputted 
via the keyboard into the information which suits a SIM card, in some computation processes, 
combination of the number of all the possible signs cannot use it as PIN by a case. For example, it is 
because it is smaller than the number of all the PIN in which a code book is possible. This case is 
enough to assign PIN to a pattern vector and change PIN corresponding to an individual pattern 
vector if the parameter of the computation process used is changed (for example, change of a code 
book number or change of a neural network's parameter). If PIN (or PIN which should generally be 
inputted) on a SIM card is not known after that, it becomes impossible to change in this meaning. 
And this is required because of the further use to the technical problem of this invention. The user 
who has authority can be told about changed PIN by making the display of apparatus give a short- 
time indication only once suitably, advantageously, after changing PIN. Other means (for example, 
show new PIN later) are possible. 
[0034] 

Of course, this invention is not limited to a mobile phone, for example, the mobile phone based on a 
GSM standard. It is not difficult for a person skilled in the art to realize this invention in other 
apparatus or other systems based on the above-mentioned explanation, either. 
[0035] 

This invention in particular is not limited only to the case where inspection unit PE is accumulated 
into apparatus. The important example of apparatus is shown in drawing 2 , apparatus is connected 
with other at least one apparatus via a communication network, and test equipment also exists in a 
network here. The portion which manages calculating the certification information FP AUTINF from a 
part of data processing device or data processing unit DE, i.e., a user s physiological characterization 
BM, does not necessarily need to exist in apparatus, either. Of course, apparatus does not need to 
have accumulated sensor apparatus SE or accumulated keyboard EE. It is also clear that a device 
may be connected to apparatus in the form of an external module. The example of this invention 
should be protected by the claim of the method. 
[Brief Description of the Drawings] 
[Drawing 1] 

All the methods and devices are the figures showing the example of this invention accumulated into 
apparatus. 



file://C:\Documents and Settings\TherrienD\My Documents\JPOEn\JP-A-2002-5 12409.html 02/22/08 



JP-A-2002-5 12409 



Page 8 of 11 



[Drawing 2] 

All the methods and devices are the figures showing the example of this invention accumulated into 

apparatus. 

[Drawing 3] 

The display which displays certification information is a figure showing the example of this invention 
accumulated by apparatus. 



[Translation done.] 
* NOTICES * 

JPO and INPIT are not responsible for any 
damages caused by the use of this translation. 

1 This document has been translated by computer. So the translation may not reflect the original 
precisely. 

2.**** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



DRAWINGS 



fDrawing 1] 



file://C:\Documents and Settings\TherrienD\My Documents\JPOEn\JP-A-2002-5 12409.html 02/22/08 



JP-A-2002-5 12409 



Page 9 of 1 1 



<2 

Li. 



3d 


« 1 




FPAUTINF 


t 


AUTINF 


hi 
Q 






EE 


s 

CO 




SE 





[Drawing 2] 
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[Drawing 3] 
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